feat: add deletePersonalMilestone mutation to PersonalMilestoneSchema
- Introduced a new mutation to delete personal milestones, including necessary authorization checks to ensure that only mentors of the associated schedule can perform the deletion. - Enhanced error handling to provide clear feedback for unauthorized access and missing user information. These changes improve the management of personal milestones within the GraphQL API, ensuring proper access control and user experience.
This commit is contained in:
@@ -174,6 +174,45 @@ export class PersonalMilestoneSchema extends PothosSchema {
|
|||||||
})
|
})
|
||||||
},
|
},
|
||||||
}),
|
}),
|
||||||
|
deletePersonalMilestone: t.prismaField({
|
||||||
|
type: this.personalMilestone(),
|
||||||
|
args: {
|
||||||
|
personalMilestoneId: t.arg({
|
||||||
|
type: 'String',
|
||||||
|
description: 'The ID of the personal milestone to delete.',
|
||||||
|
required: true,
|
||||||
|
}),
|
||||||
|
},
|
||||||
|
description: 'Delete a personal milestone.',
|
||||||
|
resolve: async (_query, _root, args, ctx, _info) => {
|
||||||
|
if (ctx.isSubscription) {
|
||||||
|
throw new Error('Not allowed')
|
||||||
|
}
|
||||||
|
if (!ctx.http.me) {
|
||||||
|
throw new Error('Cannot get your info')
|
||||||
|
}
|
||||||
|
// check if the user is mentor of the schedule where the personal milestone belongs to
|
||||||
|
const personalMilestone = await this.prisma.personalMilestone.findUnique({
|
||||||
|
where: { id: args.personalMilestoneId },
|
||||||
|
})
|
||||||
|
const schedule = await this.prisma.schedule.findUnique({
|
||||||
|
where: { id: personalMilestone?.scheduleId },
|
||||||
|
})
|
||||||
|
if (schedule?.managedServiceId) {
|
||||||
|
const managedService = await this.prisma.managedService.findUnique({
|
||||||
|
where: { id: schedule.managedServiceId },
|
||||||
|
})
|
||||||
|
if (managedService?.mentorId !== ctx.http.me.id) {
|
||||||
|
throw new Error('Unauthorized')
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return this.prisma.personalMilestone.delete({
|
||||||
|
where: {
|
||||||
|
id: args.personalMilestoneId,
|
||||||
|
},
|
||||||
|
})
|
||||||
|
},
|
||||||
|
}),
|
||||||
}))
|
}))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user